Dyfed-Powys Police obtains, holds, uses and discloses information about individuals - this is refered to as personal data. We have obligations to follow in relation to how we handle this data and, you have rights in regard to how your personal data is handled by us.
The use and disclosure of personal data is governed in the United Kingdom by the Data Protection Act 1998 (‘the Act’). The Chief Constable of Dyfed-Powys Police is registered with the Information Commissioner as a ‘data controller’ for the purposes of the Act. As such he is obliged to ensure that Dyfed-Powys Police handles all personal data in accordance with the Act.
Dyfed-Powys police takes that responsibility very seriously and takes great care to ensure that personal data is handled appropriately in order to secure and maintain individuals’ trust and confidence in the force.
Why do we hold personal data?
Dyfed Powys Police obtains, holds, uses and discloses personal data for two broad purposes:
Whose personal data do we handle?
In order to carry out the purposes described above ('Why do we hold personal data?'), Dyfed-Powys Police may obtain, use and disclose personal data relating to a wide variety of individuals.
Dyfed Powys Police will only use appropriate personal data necessary to fulfil a particular purpose or purposes. Personal data could be information which is held on a computer, in a paper record i.e. a file, as images, but it can also include other types of electronically held information e.g. CCTV images.
What types of personal data do we handle?
In order to carry out the purposes described above ('Why do we hold personal data'), Dyfed-Powys Police may obtain, use and disclose a range of personal data relating.
Dyfed-Powys Police will only use appropriate personal data necessary to fulfil a particular purpose or purposes. Personal data could be information which is held on a computer, in a paper record i.e. a file, as images, but it can also include other types of electronically held information e.g. CCTV images.
Where do we obtain personal data from?
In order to carry out the purposes described above ('Why do we hold personal data?'), Dyfed Powys Police may obtain personal data from a wide variety of sources.
Dyfed-Powys Police may also obtain personal data from other sources such as its own CCTV systems, or correspondence.
How do we handle personal data?
In order to achieve the purposes described above ('Why do we hold personal data?'), Dyfed-Powys Police will handle personal data in accordance with the Data Protection Act. In particular we will ensure that personal data is handled fairly and lawfully with appropriate justification.
We will strive to ensure that any personal data used by us or on our behalf is of the highest quality in terms of accuracy, relevance, adequacy and non-excessiveness, is kept as up to date as required, is protected appropriately, and is reviewed, retained and securely destroyed when no longer required. We will also respect individuals’ rights under the Act.
How do we ensure the security of personal data?
Dyfed-Powys Police takes the security of all personal data under our control very seriously.
We will comply with the relevant parts of the Act relating to security, and seek to comply with the National Police Chiefs’ Council’s’ Community Security Policy.
We will ensure that appropriate policy, training, technical and procedural measures are in place, including audit and integrity monitoring, to protect our manual and electronic information systems from data loss and misuse, and only permit access to them when there is a legitimate reason to do so, and then under strict guidelines as to what use may be made of any personal data contained within them.
These procedures are continuously managed and enhanced to ensure up-to-date security.
Who do we disclose personal data to?
In order to carry out the purposes described above ('Why do we hold personal data?') Dyfed-Powys Police may disclose personal data to a wide variety of recipients in any part of the world, including those from whom personal data is obtained (as listed above).
This may include disclosures to other law enforcement agencies, partner agencies working on crime reduction initiatives, partners in the Criminal Justice arena, Goleudy (supports victims of crime), and to bodies or individuals working on our behalf such as IT contractors or survey organisations.
We may also disclose to other bodies or individuals where necessary to prevent harm to individuals.
Disclosures of personal data will be made on a case-by-case basis, using the personal data appropriate to a specific purpose and circumstances, and with necessary controls in place. Some of the bodies or individuals to which we may disclose personal data are situated outside of the European Union – some of which do not have laws that protect data protection rights as extensively as in the United Kingdom. If we do transfer personal data to such territories, we will take proper steps to ensure that it is adequately protected as required by the Act.
Dyfed-Powys police will also disclose personal data to other bodies or individuals when required to do so by, or under, any act of legislation, by any rule of law, and by court order. This may include disclosures to the Child Support Agency, the National Fraud Initiative, the Home Office and to the Courts. Dyfed-Powys Police may also disclose personal data on a discretionary basis for the purpose of, and in connection with, any legal proceedings or for obtaining legal advice.
What are the rights of the individuals whose personal data is handled by Dyfed-Powys Police?
Individuals have various rights enshrined in the Act. The most commonly exercised right is that used by individuals to obtain a copy, subject to exemptions, of their personal data processed by Dyfed Powys Police. Click HERE for details of the application process, known as ‘Subject Access’.
Other rights include:
How long does Dyfed-Powys Police retain personal data?
Dyfed-Powys Police keeps personal data as long as is necessary for the particular purpose or purposes for which it is held. Personal data which is placed on national police systems namely, the Police National Computer, National DNA Database or National Fingerprint Database are managed in accordance with ‘NPCC Deletion of Records from National Police Systems (PNC/NDNAD/IDENT1)’.
Other records containing personal data relating to crime recording, domestic violence, child abuse investigation, public protection, missing persons, case and custody, incident records, firearms licensing and intelligence will be retained in accordance with the Authorised Professional Practice on the Management of Police Information. This can also be found on the College of Policing website at http://www.app.college.police.uk/app-content/information-management/management-of-police-information/
Dyfed-Powys Police may monitor or record and retain telephone calls, text, emails and other electronic communications to and from the force in order to deter, prevent and detect inappropriate or criminal activity, to ensure security, and to assist the purpose described above ('Why do we hold personal data?').
Dyfed-Powys Police does not place a pre-recorded ‘fair processing notice’ on telephone lines that may receive emergency calls (including misdirected ones) because of the associated risk of harm that may be caused through the delay in response to the call.
Any individual with concerns over the way Dyfed-Powys Police handles their personal data may contact the Data Protection Department:
Data protection Department
PO Box 99,
Tel: 101 and ask for the Data Protection Department.
‘Personal data’ is defined under Section 1 of the Data Protection Act 1998. In practical terms it means information handled by Dyfed-Powys Police that relates to identifiable living individuals. It can include intentions and expressions of opinion about the individual. The information can be held electronically or as part of paper records, and can include CCTV footage and photographs. For ease of readers this document refers to the handling, use, holding etc of personal data – Section 1 of the Act uses the term ‘processes’ to effectively cover any usage of personal data.
This document is designed to help satisfy the ‘Fair Processing Requirements’ as required by Schedule 1 Part 2
Paragraphs 1 to 4 of the Data Protection Act 1998 and may be regarded as a generic over-arching ‘Fair Processing Notice’ for Dyfed-Powys Police. Additional more specific Fair Processing Notices may appear in other circumstances such as on forms, force policies, email footers, or CCTV signage.
Dyfed-Powys Police is required to conduct Customer Satisfaction Surveys to evaluate our performance and effectiveness. We may contact individuals, such as victims of crime or those reporting incidents, and ask them to give us their opinion of the service we are providing to the public. We use the information given to improve our services wherever we can. Dyfed-Powys Police, like many police forces, use a private company to undertake such surveys on our behalf with strict controls to protect the personal data of those involved.